PLEASANT DREAMS

For many admins, the security of a web application is more important than its performance. If you have a web server with multiple users, the Suexec module can help you avoid problems associated with globally writable directories.

If you follow security mailing lists, you know that web applications can be security nightmares. The reason for this is the subject of heated debate. Are languages like PHP to blame? Do too many web developers simply lack the skills to write secure applications? Whatever the cause, one thing is certain: something’s got to change. A holistic approach that redevelops every web server component from scratch is highly unlikely. Instead, the protagonists of the Apache project are working on improving individual components; although most people agree that this is not a perfect solution, it is infinitely better than no solution.

Buy this article as PDF

Express-Checkout as PDF

Price $2.95(incl. VAT)

Buy Linux Magazine

Related content

New tools for the web appear every day. In this issue, we round up some promising technologies, including Apache's Suexec module, the new WS-Addressing standard, the Helma application server, the Perlbal web server, and microformats.

Apache has ruled the web since the mid-90s, but not all users are happy with it. Recent competitors Cherokee and Lighttpd offer an uncomplicated alternative for users who are looking for something light.